def post(self, request): """ Create a group Permission checking: 1. Admin user; """ # argument check group_name = request.data.get('group_name', '') if not group_name: error_msg = 'group_name %s invalid.' % group_name return api_error(status.HTTP_400_BAD_REQUEST, error_msg) group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _( u'Group name can only contain letters, numbers, blank, hyphen, dot, single quote or underscore' ) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) group_owner = request.data.get('group_owner', '') if group_owner: try: User.objects.get(email=group_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % group_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) username = request.user.username new_owner = group_owner or username # create group. try: group_id = ccnet_api.create_group(group_name, new_owner) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # send admin operation log signal admin_op_detail = { "id": group_id, "name": group_name, "owner": new_owner, } admin_operation.send(sender=None, admin_name=username, operation=GROUP_CREATE, detail=admin_op_detail) # get info of new group group_info = get_group_info(group_id) return Response(group_info, status=status.HTTP_201_CREATED)
def post(self, request): """ Create a group """ if not self._can_add_group(request): error_msg = _(u'You do not have permission to create group.') return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username group_name = request.data.get('name', '') group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # create group. try: group_id = seaserv.ccnet_threaded_rpc.create_group(group_name, username) except SearpcError as e: logger.error(e) error_msg = _(u'Failed') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = get_group_info(request, group_id, GROUP_AVATAR_DEFAULT_SIZE) return Response(group_info, status=status.HTTP_201_CREATED)
def post(self, request): """Add a group in address book. parent_group: -1 - no parent group; > 0 - have parent group. group_owner: default to system admin group_staff: default to system admin """ group_name = request.data.get('group_name', '').strip() if not group_name: error_msg = 'name %s invalid.' % group_name return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _('Name can only contain letters, numbers, spaces, hyphen, dot, single quote, brackets or underscore.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _('There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Group owner is 'system admin' group_owner = request.data.get('group_owner', 'system admin') try: parent_group = int(request.data.get('parent_group', -1)) except ValueError: error_msg = 'parent_group invalid' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if parent_group < 0 and parent_group != -1: error_msg = 'parent_group invalid' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # TODO: check parent group exists try: if is_org_context(request): # request called by org admin org_id = request.user.org.org_id group_id = ccnet_api.create_org_group( org_id, group_name, group_owner, parent_group_id=parent_group) else: group_id = ccnet_api.create_group(group_name, group_owner, parent_group_id=parent_group) seafile_api.set_group_quota(group_id, -2) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = address_book_group_to_dict(group_id) return Response(group_info, status=status.HTTP_200_OK)
def post(self, request): """Add a group in address book. parent_group: -1 - no parent group; > 0 - have parent group. group_owner: default to system admin group_staff: default to system admin """ group_name = request.data.get('group_name', '').strip() if not group_name: error_msg = 'name %s invalid.' % group_name return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _(u'Name can only contain letters, numbers, blank, hyphen or underscore.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'The name already exists.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Group owner is 'system admin' group_owner = request.data.get('group_owner', '') try: parent_group = int(request.data.get('parent_group', -1)) except ValueError: error_msg = 'parent_group invalid' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if parent_group < 0 and parent_group != -1: error_msg = 'parent_group invalid' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # TODO: check parent group exists try: if is_org_context(request): # request called by org admin org_id = request.user.org.org_id group_id = ccnet_api.create_org_group( org_id, group_name, group_owner, parent_group_id=parent_group) else: group_id = ccnet_api.create_group(group_name, group_owner, parent_group_id=parent_group) seafile_api.set_group_quota(group_id, -2) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = address_book_group_to_dict(group_id) return Response(group_info, status=status.HTTP_200_OK)
def post(self, request): """ Create a group """ if not self._can_add_group(request): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username group_name = request.data.get('name', '') group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _( 'Group name can only contain letters, numbers, blank, hyphen, dot, single quote or underscore' ) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _('There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # create group. try: if is_org_context(request): org_id = request.user.org.org_id group_id = seaserv.ccnet_threaded_rpc.create_org_group( org_id, group_name, username) else: group_id = seaserv.ccnet_threaded_rpc.create_group( group_name, username) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # if the group has no workspace, create a workspace owner = '%s@seafile_group' % group_id workspace = Workspaces.objects.get_workspace_by_owner(owner) if not workspace: try: org_id = -1 if is_org_context(request): org_id = request.user.org.org_id create_repo_and_workspace(owner, org_id) except Exception as e: logger.error(e) error_msg = 'Internal Server Error.' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = get_group_info(request, group_id) return Response(group_info, status=status.HTTP_201_CREATED)
def post(self, request): """ Create a group Permission checking: 1. Admin user; """ # argument check group_name = request.data.get('group_name', '') if not group_name: error_msg = 'group_name %s invalid.' % group_name return api_error(status.HTTP_400_BAD_REQUEST, error_msg) group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen, single quote or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) group_owner = request.data.get('group_owner', '') if group_owner: try: User.objects.get(email=group_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % group_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) username = request.user.username new_owner = group_owner or username # create group. try: group_id = ccnet_api.create_group(group_name, new_owner) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # send admin operation log signal admin_op_detail = { "id": group_id, "name": group_name, "owner": new_owner, } admin_operation.send(sender=None, admin_name=username, operation=GROUP_CREATE, detail=admin_op_detail) # get info of new group group_info = get_group_info(group_id) return Response(group_info, status=status.HTTP_201_CREATED)
def put(self, request, group_id): """ Rename, transfer a specific group """ group = seaserv.get_group(group_id) username = request.user.username new_group_name = request.data.get('name', None) if new_group_name: # rename a group # Check whether group name is validate. if not validate_group_name(new_group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, new_group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: seaserv.ccnet_threaded_rpc.set_group_name(group_id, new_group_name) except SearpcError as e: logger.error(e) error_msg = _(u'Internal Server Error') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_creator= request.data.get('creator', None) if new_creator: # transfer a group if not is_valid_username(new_creator): error_msg = _('Creator %s is not valid.') % new_creator return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if new_creator == group.creator_name: error_msg = _('%s is already group owner') % new_creator return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: if not seaserv.is_group_user(group_id, new_creator): seaserv.ccnet_threaded_rpc.group_add_member(group_id, username, new_creator) if not seaserv.check_group_staff(group_id, new_creator): seaserv.ccnet_threaded_rpc.group_set_admin(group_id, new_creator) seaserv.ccnet_threaded_rpc.set_group_creator(group_id, new_creator) except SearpcError as e: logger.error(e) error_msg = _(u'Internal Server Error') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get new info of this group group_info = get_group_info(request, group_id, GROUP_AVATAR_DEFAULT_SIZE) return Response(group_info)
def post(self, request): """ Create a group """ if not self._can_add_group(request): error_msg = _(u'You do not have permission to create group.') return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username group_name = request.data.get('group_name', '') group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Group name is valid, create that group. try: group_id = seaserv.ccnet_threaded_rpc.create_group(group_name, username) except SearpcError as e: logger.error(e) error_msg = _(u'Failed') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) try: size = int(request.data.get('avatar_size', GROUP_AVATAR_DEFAULT_SIZE)) except ValueError: size = GROUP_AVATAR_DEFAULT_SIZE g = seaserv.get_group(group_id) try: avatar_url, is_default, date_uploaded = api_grp_avatar_url(g.id, size) except Exception as e: logger.error(e) avatar_url = get_default_group_avatar_url() val = utc_to_local(dt(g.timestamp)) new_group = { "id": g.id, "name": g.group_name, "creator": g.creator_name, "created_at": val.strftime("%Y-%m-%dT%H:%M:%S") + DateFormat(val).format('O'), "avatar_url": request.build_absolute_uri(avatar_url), "admins": self._get_group_admins(g.id), } return Response(new_group, status=status.HTTP_201_CREATED)
def post(self, request): """ Create a group """ if not self._can_add_group(request): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username group_name = request.data.get('name', '') group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _( u'Group name can only contain letters, numbers, blank, hyphen or underscore' ) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # create group. try: if is_org_context(request): org_id = request.user.org.org_id group_id = seaserv.ccnet_threaded_rpc.create_org_group( org_id, group_name, username) else: group_id = seaserv.ccnet_threaded_rpc.create_group( group_name, username) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = get_group_info(request, group_id) return Response(group_info, status=status.HTTP_201_CREATED)
def post(self, request): """ Create a group """ if not self._can_add_group(request): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username group_name = request.data.get('name', '') group_name = group_name.strip() # Check whether group name is validate. if not validate_group_name(group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen, single quote or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # create group. try: if is_org_context(request): org_id = request.user.org.org_id group_id = seaserv.ccnet_threaded_rpc.create_org_group(org_id, group_name, username) else: group_id = seaserv.ccnet_threaded_rpc.create_group(group_name, username) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get info of new group group_info = get_group_info(request, group_id) return Response(group_info, status=status.HTTP_201_CREATED)
def put(self, request, group_id): """ Rename, transfer a specific group """ username = request.user.username new_group_name = request.data.get('name', None) # rename a group if new_group_name: try: # only group owner/admin can rename a group if not is_group_admin_or_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # Check whether group name is validate. if not validate_group_name(new_group_name): error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, new_group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) seaserv.ccnet_threaded_rpc.set_group_name(group_id, new_group_name) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_owner = request.data.get('owner', None) # transfer a group if new_owner: try: # only group owner can transfer a group if not is_group_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # augument check if not is_valid_username(new_owner): error_msg = 'Email %s invalid.' % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if is_group_owner(group_id, new_owner): error_msg = _(u'User %s is already group owner.') % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # transfer a group if not is_group_member(group_id, new_owner): ccnet_api.group_add_member(group_id, username, new_owner) if not is_group_admin(group_id, new_owner): ccnet_api.group_set_admin(group_id, new_owner) ccnet_api.set_group_creator(group_id, new_owner) ccnet_api.group_unset_admin(group_id, username) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) wiki_enabled = request.data.get('wiki_enabled', None) # turn on/off group wiki if wiki_enabled: try: # only group owner/admin can turn on a group wiki if not is_group_admin_or_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # augument check if wiki_enabled != 'true' and wiki_enabled != 'false': error_msg = 'wiki_enabled invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # turn on/off group wiki if wiki_enabled == 'true': enable_mod_for_group(group_id, MOD_GROUP_WIKI) else: disable_mod_for_group(group_id, MOD_GROUP_WIKI) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) group_info = get_group_info(request, group_id) return Response(group_info)
def put(self, request, group_id): """ Rename, transfer a specific group """ group = seaserv.get_group(group_id) username = request.user.username new_group_name = request.data.get('name', None) if new_group_name: # rename a group # Check whether group name is validate. if not validate_group_name(new_group_name): error_msg = _( u'Group name can only contain letters, numbers, blank, hyphen or underscore' ) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # Check whether group name is duplicated. if check_group_name_conflict(request, new_group_name): error_msg = _(u'There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: seaserv.ccnet_threaded_rpc.set_group_name( group_id, new_group_name) except SearpcError as e: logger.error(e) error_msg = _(u'Internal Server Error') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_creator = request.data.get('creator', None) if new_creator: # transfer a group if not is_valid_username(new_creator): error_msg = _('Creator %s is not valid.') % new_creator return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if new_creator == group.creator_name: error_msg = _('%s is already group owner') % new_creator return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: if not seaserv.is_group_user(group_id, new_creator): seaserv.ccnet_threaded_rpc.group_add_member( group_id, username, new_creator) if not seaserv.check_group_staff(group_id, new_creator): seaserv.ccnet_threaded_rpc.group_set_admin( group_id, new_creator) seaserv.ccnet_threaded_rpc.set_group_creator( group_id, new_creator) except SearpcError as e: logger.error(e) error_msg = _(u'Internal Server Error') return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # get new info of this group group_info = get_group_info(request, group_id, GROUP_AVATAR_DEFAULT_SIZE) return Response(group_info)
def put(self, request, group_id): """ Admin update a group 1. transfer a group. 2. set group quota. 3. rename group. Permission checking: 1. Admin user; """ if not request.user.admin_permissions.can_manage_group(): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') # recourse check group_id = int(group_id) # Checked by URL Conf group = ccnet_api.get_group(group_id) if not group: error_msg = 'Group %d not found.' % group_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) new_owner = request.data.get('new_owner', '') if new_owner: if not is_valid_username(new_owner): error_msg = 'new_owner %s invalid.' % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # check if new_owner exists, # NOT need to check old_owner for old_owner may has been deleted. try: User.objects.get(email=new_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % new_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) old_owner = group.creator_name if new_owner == old_owner: error_msg = _('User %s is already group owner.') % new_owner return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # transfer a group try: if not is_group_member(group_id, new_owner): ccnet_api.group_add_member(group_id, old_owner, new_owner) if not is_group_admin(group_id, new_owner): ccnet_api.group_set_admin(group_id, new_owner) ccnet_api.set_group_creator(group_id, new_owner) ccnet_api.group_unset_admin(group_id, old_owner) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # send admin operation log signal admin_op_detail = { "id": group_id, "name": group.group_name, "from": old_owner, "to": new_owner, } admin_operation.send(sender=None, admin_name=request.user.username, operation=GROUP_TRANSFER, detail=admin_op_detail) # set group quota group_quota = request.data.get('quota', '') if group_quota: try: group_quota = int(group_quota) except ValueError: error_msg = 'quota invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if not (group_quota > 0 or group_quota == -2): error_msg = 'quota invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: seafile_api.set_group_quota(group_id, group_quota) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_name = request.data.get('name', '') if new_name: if not validate_group_name(new_name): error_msg = _( 'Name can only contain letters, numbers, spaces, hyphen, dot, single quote, brackets or underscore.' ) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if check_group_name_conflict(request, new_name): error_msg = _('There is already a group with that name.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) try: ccnet_api.set_group_name(group_id, new_name) set_group_name_cache(group_id, new_name) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) group_info = get_group_info(group_id) return Response(group_info)